Slashdot Mirror
Software Customer Bill of Rights
Cem Kaner of Badsoftware.com has written up a Software Customer Bill of Rights. Very appropriate considering our recent stories about Microsoft viruses, Dell's BIOS-clickwrap licensing agreement, etc.
← Back to Stories (view on slashdot.org)
But this is America. Consumer rights are secondary to business rights...
Nice thought but no one would ever adhere to these 'rights'. Its not profitable for commercial software vendors and open source vendors usually dont care or are too lazy to invest time and resources into making sure that these 'rights' are followed.
sad but true
"1. Let the customer see the contract before the sale. It should be easy for customers of mass-market software products and computer information contracts to compare the contract terms for a product..." It would be interesting to see how the court opinions which make this right one of the few listed which are already enforcable would serve as precident in relation to the new agreements imposed by microsoft as one installs mission-critical updates. Would drastic changes to EULA's made by Microsoft in software updates which are all but absolutly essential for the wellbeing of your data, etc, be court enforcable? Probably not...
This is a really well written, thought out, piece of work. But the only flaw I see is: 4. User has right to see and approve all transfers of information from her computer. (Basically says end-user should see un-encrypted version of what is being sent) If this law would be to put into use, we would have more of a problem with people stealing credit cards. I agree with what they are trying to do, but this looks like (to me) as if it's going to promote exploits.
Nice piece. Very nice, and very never going to happen. At least as long as opponents are large corps with armies of slick lawyers and proponents the EFF, RMS and a few computer-educated consumers.
...
...
Remember, most computer users still think software crashes and glitches are part of life with a computer, that viruses and worms are the work of evil pirates and that Microsoft is the victim, not the cause, etc
In short: it'll never happen. Move along
"A door is what a dog is perpetually on the wrong side of" - Ogden Nash
There should be no changing the contract terms in order to get bug fixes. (And no bundling bug fixes with new features to get around this provision.)
Oh, you mean that one that was patched a whole month before? Or are you talking about that e-mail attachment virus, the one for which you apparently expect Bill Gates to show up at people's houses telling them not to run the attachment?
How is it Microsoft's fault if users run the attachment? Is it Linus Torvalds' fault when there's a sendmail hole? Is that suddenly a "Linux hole?"
Just curious.
"Sufferin' succotash."
5. A software vendor may not block customer from accessing his own data without court approval.
But the software is intended to allow the user to see what Microsoft wants them to see. Encouraging users to see all their own data is circumventing the grand Microsoft plan of Digital Domination. I demand the site is removed from all search engines.
SAILING MISHAP
IMHO, there's one the omitted from the list:
11. The user shall have the right to view the source code on demand.
If I am running your software on my computer, I have the right to see what exactly it is doing. In 99% of the cases, I would not exercise this right, if I believe that the software is doing what it is supposed to do and I have no suspicions that it is doing something funny. I have a Red Hat Linux system but don't have most of the source code RPMs installed, or the full Linux kernel source installed. It's good enough for me to know that I can acquire it on demand.
And before I get flamed for sound like a clone of RMS, realize that seeing the source code is not necessarily the same as modifying and redistributing it. All Free Software is Open Source, but not all Open Source is Free Software. I would, however, object to having to sign NDAs to see source. You can tell me not to redistribute your source and I will abide by that, as that is simply following existing copyright law, but I would not accept a blanket gag order to not discuss the source at all.
Of course, this will probably never happen, but its a nice thought, anyway.
Karma: Frotzed (mostly due to the Frobozz Magic Karma Company)
As long as software publishers can get an ear from congressmen and senators that I can't get... and can deliver cash for elections that I can't... they'll get benefits that I can't.
Some guy posts his thoughts about how the software industry should run on his blog and it makes the front page. What happened to the "stuff that matters" clause? This isn't going to change anything.
The software and service licensing has become ridiculous over the last few years. They create these huge legalese documents, and imply agreement to them by opening a package or using a service. And, try returning a piece of software if you don't agree to the license, good luck.
While these agreements become more complex and onerous, the people creating them have taken on no responsibilities to clarify the licenses, explain the reqstrictions, etc.
If the companies are allowed to use these licenses, they should be required to have an independent citizens rights group translate/rate the license to compare it to accepted norms of how restrictive the licenses are. Rather than expecting each person to read the complete license, or have their lawyer interpret it for them; it should be analyzed by a professional and summarized in simple language. It should also carry ratings on a few key points, like how much it tries to limit product usage, resale, reverse engineering.. and, related areas like privacy protection by the company.
When has any product ever "lived" up to the marketing claims? If I expected everything I bought to live up to their claims, I'd be dissapointed with every bar of soap, every beer, and every Big Mac.
And that's not the way it should be. An ad shouldn't be able to tell me that a product is something when it's not. It is not my job to guess about what parts are lies.
Well, a bar of soap leaving you "clean and fresh" is something of an opinion. A piece of software that claims to work on Windows XP, but does not is a different story.
I've seen several boxed applications that have claims on the box that are simply not true... And I'm not talking about a game claiming to be able run on a 500MHz system.
I can name a number of MMORPGs that had big fat claims on their boxes/websites for features that were not (yet) in the games at launch. Hell, some of these games didn't even RUN after launch... With no refunds.
The section that you refer to is probably directed at things like that.
-Riskable
"Those who choose proprietary software will pay for their decision!"
I went to read this article thinking I would probably end up posting and saying that the US is too litigous, that it's dumb to have agreement upon agreement, even on the side of good, and that it was probably just a bunch of whiny rights.
What I found, though, was a simple, precise set of terms that are wholly agreeable. Nothing in that document is the least bit complicated or overbroad.
Let us see the contracts before we have to agree to them. Don't take away rights we already have, like criticism and reverse engineering, and first sale. If you know about serious bugs, tell us. Don't lie about what the product does.
That's pretty straightforward, and should not be the least bit damaging to anyone selling decent software.
Companies have a right to sell software and to ban people from reverse engineering it.
Why? If I buy a car, I can dig around under the hood to my heart's content. If I buy a book, I can study the writing style. Why should software be any different, especially given that software interacts with other programs on my computer, and other systems on the net, in ways that can be important to know but are easily hidden from the use.
Marketing is not what we are talking about.
Living up to the claims means that when we go in the store, and the package actually says "Imports all microsoft office formats", and it turns out that is false... that they have to take it back, no questions asked. It's a false sale.
The reason this needs to be stated is that, although you have this protection with physical products, the license-ish nature of software has allowed some vendors to claim that you have no recourse, even though they lied.
It's not the same thing as false advertising... more like sale under false pretenses.
I've been trying to make this point here before but open source, linux in particular, is a religion here. You'll always get moderated down.
These zealots like to point out that linux is almost devoid of remote holes, viruses or worms. What they fail to realize is that if linux had the same market share as Windows, all the goddamn script-kiddies and black hats would concentrate on linux instead of the MS Windows. And given the errata of the most popular linux distros, they'd have a field day!
BOO! TERRO
I think that if anyone could take apart a car that a company spends 1000's of hours designing, then what would stop people from making a similar car? It would be too easy to steal designs/ideas from companies which spend millions of dollars coming up with them.
How do you think Ford ever got competition from the likes of GM, VW, Kia, etc.? How do you think Ford started making cars?
I think they can patent some ideas, based on non-obviousness and the rest of patent law, but when it comes down to it, Ford still buys all the newest GM models and takes them apart, just like everyone else.
US patent and copyright law was created to expand the public domain. To do this, it gives an incentive to people for inventing (patents) or creating (copyrights). If you ever stop people from learning how to invent or create, by stopping them from taking apart and investigating the products of others, then you are acting against the intent of the constitution.
Copyright law?
"Ideas" get exactly zero legal protection, and rightly so. Only actual code requires any protection, and that is already covered by copyright. And frankly, given that software defects cost us $60 billion a year in damages, they should be grateful we even give them that much.
From a purely practical standpoint, how exactly do no-reverse-engineering clauses help companies anyway? It's not like they can monitor every user 24/7 to make sure they aren't studying the product's operation. If someone publishes a similar program, they can study it for potential copyright violations. If they can't find any evidence of copied code, well too bad. Having multiple products that do the same thing is the same sort of competition that all other industries have to live with.
In that case it will never work. If every piece of software can be run on N computers then businesses will buy 1/Nth as many copies, software companies will increase the price by a factor of N, and then home users won't be able to afford it. If you try to solve it by making a distinction among fields of use (home vs. business users) then I think you've just replaced one problem with another one.
I think what you really have in mind is Let software be installed on multiple machines by the same person. Let ownership be tied to the human being and not the computer. It actually makes a lot of sense, if you think about it.
I suggest that he add:
Source code and documentation will be placed and maintained [updated] in bonded escrow.
If the software product or hardware product reaches end of life and the current company does not develop a follow-on product with corresponding upgrade offer to registered customers, then the source code [software and firmware and documentation in digital format] will be sent to registered software and hardware customers, and, the source code will declared open source and offered to all via internet. If the initial development company is sold, source code will be offered and sent, if requested, to registered software and hardware owners. If the initial development company ceases to exist, source code will be sent to registered software and hardware owners, and, the source code will be declared open source and offered to all via internet. If an operating system integer upgrade [v1.X -> v2.X] requires the user to purchase new operating system software or hardware, then the source code will be offered to registered customers.
Failure to make source code available when a product reaches end of life or other conditions listed above will result in the top five officers of the initial development company (and the top five of the purchasing company, if a company purchase is involved) [CEO, COO, CIO, CFO, etc] being fined no less than $1,000,000 each, not payable by insurance company or current company; and will result in their forfeiture of all of the monies the executives received from their respective companies; and, will result in their receiving three years in prison without possibility of parole.
If you don't like how a software product is marketed or how the EULA works, THEN DON'T BUY THE PRODUCT. Buy from a competitor, download open source software. You do have choices people.
And how do I make that choice if the EULA is only presented after I've bought it?
There is a difference in a statement of fact and an expression of opinion. If Acme Autos advertises that it's Super Spiffy model will do 0 to 60 in under 5 seconds, it had better do it. However, if they claim that the Super Spiffy model will make you super cool, that isn't an objective statement of fact. Ad companies are extremely careful to ensure that all statements of fact are accurate. They'll imply and insinuate all sorts of things, many of which are of dubious truth value. But statements of fact must be true or the manufacturer is liable.
The same should be true of software. AOL can say that their software helps protect your children from inappropriate content, but they should not be able to say that it prevents your children form viewing inappropriate content. Such subtleties are everything in a court of law.
"The legitimate powers of government extend only to such acts as are injurious to others." Thomas Jefferson.
If Linux had the same market share as Windows does now it still wouldn't be as targeted as Windows is. Why? People just don't hate Linux like they do Windows, so while script-kiddies and black hats might pay more attention to Linux than they do now, it still wouldn't be as inviting and easy of a target as Windows is.
Linux distros have also proven that they can and will improve their security faster than Microsoft. Microsoft is such a big problem because not only do they have a lot of holes, they are slow to fix things. Microsoft also sells their products on the 'any idiot can install/use it' premise, while Linux still requires people to learn a little more, so they are less likely to do stupid things.
But frankly, we'd all be better off if NO single OS had the kind of market share that Windows does. The current software mono-culture is just not healthy. If Windows only had say, a 30 or 35% market share, Linux had 25 or 30% and MacOS had say 25 or 30% and the rest was split up amongst a few smaller players, then it would be much more difficult for a single virus/worm to wreak the kind of havoc that a Windows virus/worm does today. Given the much higher difficulty to achieve a lot of notoriety, its far less likely that as many people would bother.
It's not exactly controversial to take this stand. The biggest argument against these initiatives that I can think of is that I don't believe that methods of delivering complex systems at a precisly characterized state of high quality are actually *known*. We're not really that far along as an engineering discipline.
Yeah, it's fashionable to want to sue Bill, but what if some guy creates some virus that brings a Linux system down to it's knees? Who do we sue? Linus? OSDL? Or will there be a double standard? Remember, if Bill gets to be sued, be prepared for your favorite OSS house to be liable as well. Otherwise it's just sheer hypocrisy to target MS. And remember, MS is made of of coders who went to the same schools as you. Contrary to OSS opinion, Bill does not write every single line of code in the products nowadays.
The difference with Free Software like Linux is that the source code is available. When you run Free Software you have just done exactly what the guy building XP over in Redmond does. So to a certain extent, you are just as responsible for the quality of the software.
Even if you don't go with that, the fact of the matter is that with Microsoft software you have no idea what you are getting and if there is something wrong, a security hole, something not working, etc. you are completely at Microsoft's mercy. But with Free Software you can change the software and it is not up to Linus to stop you.
Case in point would be the fights over preemptability, vm, and scheduling in the Linux kernel. Several people did not like the way it worked. They could see how it worked because they saw the source as well as the result on their machines. For some applications the Linux kernel just was not delivering; it was not suitable for their purpose.
But people disagreed on the right way to go, and Linus was not ready to choose. So people went off and wrote their own patches and distributed them and people used them. Now many of these enhancements are part of the 2.6 kernel.
p.By contrast, if you use Microsoft products and dislike the way they are designed, you are faced with an all-or-nothing situation. You can use them or not. There are vulnerabilities which Microsoft refuses to fix because they would have to rethink their design. This is not a problem with Free Software.
don't buy the product if you don't get to see the EULA until after you buy the product, dunce.
Last time I looked, most software packages don't have "There's a EULA in here, but we're not going to tell you what it is" written on the outside.
What happens when I buy a product and then find a hidden EULA, dunce?